After about two moths of off and on studying I passed. Unfortunately my energy and sugar levels dropped towards the end, but I still pulled through.

My study plan included reading the Offical CEH book by Graves, I should have skipped it and gone directly to Exam Prep by Gregg. I found the Exam Prep had a deeper level of the material which represented what was on the test. While the Offical CEH book was a good start, I felt it lacked the depth of Exam Prep. Exam Prep explained some of the harder material is an easy to use format. The chapter on cryptology was steller! I wish I would have reviewed this before I sat for the CISSP. In addition to the books I used the Career Academy's videos. The video was a good solid foundation that went into a lot of the older software you may not find else where and some walk throughs you may not have the time to do on your own. I previewed the CBT nuggets but I honestly could not take the jokes and unethical comments/stories he was telling.

I felt I should have done more studying with the specific tools like Ettercap, netcat, Snort, and Wireshark. Having a lot of experience with NMAP definately helped.

My next plan is go self-study for GCIH, as long as my company will spring for the book. I don't know why they are dragging their feet. It's much cheaper than flying me to a SANS training.

-un

Last edited by unsupported on Fri Mar 20, 2009 4:02 pm, edited 1 time in total.

I am in a big dilemma. I want to do another certification, a technical one. I am about to graduate a Master in Infosec, I am Security+ and passed CISSP, but my experience is more managerial, BC and DR, and I want to go deeper in the technical field (I really like the adrenaline that comes with pentest). I really don't know which one to choose. I started to study for CEH, but on this forum I read a lot about OSCP and it seems very interesting. What advise do you give me? I am thinking about reading Michael Gregg's CEH prep guide and Build Your Own Security Lab A Field Guide for Network Testing. Also, I want to go and practice nmap, linux scripts, leo and then take OSCP and not CEH (the company I am working now don't want to pay for certifications so I'll have to choose only one).The problem is that if this would take more than 2 month I will have to reschedule it for the late fall, because I'm in Canada now and I want to spend the summer with my kids, and the 6 month of winter with the study Do you think that I should go now for the CEH v5 and during the winter for the OSCP? Can CEH help me more to do vulnerability assessment and, maybe, for BIA?Thank's again. This forum became my daily journal.

Thanks for the response and making me relaxed as I was thinking how do I cover all the modules of v6 while I do my busy work... (like every workoholic)

well I have one more question, what are the lab setups you'll gone through and how much of the commands / tools / results / outputs need to be studied.

theory is good I can read while traveling or relaxing at home anywhere but I am concerned about the tools. I have been using metasploit (web), nmap (zenmap) and easy tools and others are like whenever I get to know new vulnerability or tools I just try out.

but for the exam which ones do I need to master in (as per exam preparation) there are heck number of tools and memorizing each and every from commands, options and outputs is tiring. so need to know which ones are important for the exam.

I like ur theory.. Very simple. As long as I know, hacking in practise is the combination of theory, technical operation, and imagination.

In hacking, there are a ton of tools that could be used. But I think, everyone has their favourites. And also almost of people have the same tools in hacking. Such as, nmap, wireshark, metasploit, john the ripper, etc. Just look at the Fyodor page. It's cool if somebody has a physical lab for hacking.

This is my opinion, not my advise..Just play the game, and more interaction with that tools will making easy for remember the commands. Backtrack is my favourite, I'm currently running is v3. Unix/Linux environment is very supporting ourself to build up the hacking technique.